[arin-ppml] 2009.10.23 ARIN 24 day 3 part 1
Matthew Petach
mpetach at netflight.com
Fri Oct 23 12:08:25 EDT 2009
Last set of notes from ARIN 24. Sorry about the typos, rushing a lot more,
I hear the wireless will go away momentarily. ^_^;;
Matt
2009.10.23 ARIN 24 day 3 part 1
John calls the meeting to order at 0907
hours Pacific time.
Daily survey results from last night, time
for the drawing.
Thanks to Arbor and Merit again as sponsors!
Reminder of the rules for the microphones.
Agenda for today is all reports, then open mic
time.
Government affairs and public policy report
Cathy Handley, Executive director
Activities since last meeting
CITEL PCCI
MAG
Navajo Nation (building fiber ring, will participate
in US government broadband project, hooking up with NSRC)
ICANN
APNIC(2)
CANTO (25th anniversary in Trinidad, CTU announced ARIN
as partner in ICT roadshow)
IGF Prep (for Nov meeting)
RIPE Gov Roundtables
PCG (public affairs coordination group in NRO)
ITU Telecom World
Significant events--NRO
NRO public affairs coordination group formed
ICANN:
rod beckstrom selected as new ICANN CEO
ICANN/USDOC joint project agreement ended sept 30 2009
signed new affirmation of committment agreement
agreement will stay in perpetuity, no end date
ICANN will stay headquartered in US
reviews still called for, will now be community + USG
reaffirms role of Government Advisory Committee
upcoming activities
Internet Governance Forum, Nov 15-18, Nate and John will
be there;
focus on critical internet resources
IPs, DNS, etc.
child safety, youth, social networking
cyber security
internet governance
developing countries, human rights
Questions?
Registration Services
Leslie Nobile
RSD Team slide
Current focus
working on ARIN Online
creating "user stories" and features for releases
processing Q&A and POCs
Legacy RSA
30, 60, 90 day follow up -- too many pending, 400 in queue
will close after 90 days
Resource Revocations
Fraud activity and reports
business as usual
Fraud Reporting Services
Way to report fraud about internet numbers
eg fraudulent submissions to ARIN, or changes to data
submission via web form
investigated by staff
all information kept private and anonymous
Fraud reporting results
brief description of results; anonymized
43 reports since Mar 2009
39 involved abuse reports like phishing
4 involved suspected numbers fraud
none resulted in reclamation yet
NRPM 12 has started being used where it looks like there
may be misuse of resources
Recovered resources slide
Returned: 270 /16s, 1213 ASNs
Revoked: 84.21 /16's 3943 ASNs
Reclaimed: 2.04 /16's 9 ASNs
Issuing Recycled Address Space
current practice
all recovered space held for 1 year
check routing tables--if routed, identify and stop
check RBLs for blacklisting, try to get it cleared
if they can't get it cleared from multiple RBLs, put
it back at bottom of the list
publish RSS feed with daily update of returned space.
IPv4 requests received have gone down a bunch this past
summer, in terms of requests and space issued.
But IPv6 growth trend is really on a rapid rise.
Questions?
Mark Wilson--how much IP space is sitting in hold
at ARIN, the whole list?
A: it's generally 1 year hold, so it's different every
day. She can look at current queue after this.
Leo Bicknell, ISC -- request for future reports: on IPv6
report number of requests for which they have no IPv4, but
just IPv6?
A: yes, will add that.
Human Resources and Administration report
Mary K Lee, director
department update
HR admin report
shout out to michigan
Rundown on all the tasks HR and admin does...wow!
Doing document retention and re-inventory of records;
now classifying everything, then will do disposition
schedule.
six month reviews finished end of June, good feedback
from managers, update annual review forms as well.
50 full time employee, 24 women, 26 men, 5.5 year
tenure, 26% at more than 5 years, 5 more than 10 years
next year.
picture of breakdown, similar to US workforce
16% lived in michigan, 43% visited michigan
Lots of Fords owned by the staff members.
Songs about michigan they've heard; wreck of the edmund
fitzgerald, 8 mile,
Member Services Report
Susan Hamlin, director
Motown theme for her slides.
the whole team of "happy people" is here.
3497 ARIN members
340 canada, 3114 US, 36 caribbean, outside ARIN, 7
what's going on
member services takes care of communication, website,
content, outreach, develop swag, help with shipping,
facilitate and adminster
policy development process
elections,
ACSP
ARIN meeting fellowship program
Elections and corporate documents
lately:
news flash piece -- managing internet number resources
developed to take on road to explain RIR system, policy
process, mailing lists, etc. on the website in knowledge
section--give feedback!
NRO communications support
ITU telecom world geneva with ICANN/ISOC
NRO website additions
supporting ARIN elections
ongoing, if you're DMR you get lots of email about
registering and becoming eligible. DMRs get certified
letter asking you to vote, and will call you.
Reach out:
info at arin.net
ARIN-Discuss mailing list
The ARIN Consultation and Suggestion process
Through Q&A in ARIN Online
ARINs gone social avenues
Getting Ready
2 meetings next year; Toronto and Atlanta
network sponsors for both meetings, but still need social
sponsors, etc.
fellowship program, would ask for help and suggestions,
would like to get word further out in the community, to
apply and get them more involved with ARIN
Financial Services Department
Bob Stratton, Director
Overview
staff
operations
contracts
green intiatives
trends
list of staff slide
Operations
working with Mark's staff on integrating ARIN online with
accounting
overdue maintenance cleanup
refined reminder email process
close books a bit faster
improved monthly account receivable reporting
FSD's revocation process
invoice sent via email 2 months before due
1 month, billing, tech, admin POC email
due, same 3
1 month over
2 months over, stronger language
after that, turn it over to RSD at 90 days, they look for
ANY POCS associated for space before revocation happens.
When ARIN Online kicks in, you can check your status at
any point, paid or unpaid.
Contracts
review process in place for all contracts, standard template
for review developed to compare against
RFP process in place
ARINs green initiatives
car pooling
employees switching to hybrids, using motorcycles
purchase carbon offsets for staff
recycle
Revenue vs Expenses
the engineering and infrastructure and v4 exhaustion and
IPv6 outreach are causing revenue and expenses to come
together.
Economic snapshot
US slowdown, developing countries still growing.
ATT, Ken Barter? Looking at email process, as you
go through reminders, how many get to end?
A: very few actual revocations; v4 space is valuable
to people.
They try to get people aware, they seem to be paying
bills earlier than they were.
Q: could consider using CEO or corp officer information
they are gathering for new allocations, possibly use
as last resort point of contact.
Q: is this process described on the web space anywhere?
A: No, it's not listed anywhere. Possible list it at
bottom of notice, or put URL pointing to where it is.
He doesn't want companies to figure out how long they
can delay before needing to really pay the invoice.
Engineering Report
Mark Kosters, CTO
Staffing
ops, 6 people (one was intern)
dev, 10 people, (4 are contractors)
QA, 3 people
requirements
pointy haired boss (PHB) 1
Ops
disaster recover replication
ARIN site not very safe, lots of hazards
diversity in serving up /8's under in-addr.arpa
Used to just be Verisign; working on second provider
site operational for west coast
peering with 4 byte ASNs
would like people to peer with them!
DNSSEC operational
nobody noticed any loss of service with it
will talk about it next week
v6 support for IRR in pilot
suggestions for new name? Roger?
IT 589 administrative requests answered
Whois statistics--grown, grown, grown, then plateaued
v6 whois statistics, a fraction of percent...
these are queries via v6 transport, not for v6 records
development
working on ARIN online
improve existing systems
improved rocess flows with business processs re-engineering
resource certification pilot
DNSSEC
Whois-RWS (restful web services)
IRR v6, Roger, going into prod soon
ARIN online 2.1 release
POC updates performed with direct database updates
POC recovery
improvements over email submitted POC templates
ARIN Online 2.2 out later
new functionality
resource record display
ARIN Online 2.2 --resources associated with org
Associations with a POC or ORG
ARIN Online
active accounts = 10,878
with profile: 9k
Agile Methodology
used waterfall method -- slow release cycles
working on strengths of organization
integration of QA within development
more frequent releases
quality assurance
every update working through QA
focusing on the customer experience
broad browser support
full regression testing
requirements
testable systems
trying to stay faster than development
working on "user stories"
lightweight documentation leading into sprints.
upcoming challenges
additional ARIN online features
RESCERT to be moved from pilot to production next year
DNSSEC will be a phased approach
integration with ARIN Online in 2010
Document management / retention systems
replacement of legacy gear
LISP participation
Q?
Cathy Aaronson -- Did people indicate why they
couldn't peer with 4 byte ASN?
A: OS on hardware couldn't support 4 byte ASNs yet.
Q: Kevin Oberman -- DNSSEC implementation is great,
which pieces do you have?
A: signing zones they're authoritative for.
They're not doing validating for zones yet in tools.
And the ARIN resolvers are not doing DNSSEC in terms
of doing validation.
No, wait, Matt says they are actually internally
validating using ISCs data.
An incorrectly signed zone will be thrown out.
Q: Leo Bicknell, ISC -- do they publish in-addr.arpa
in any trust registry, or in ISC's DLV until root is
signed?
A: Yes, they have put the trust anchors in ISC's DLV;
haven't followed up in others yet.
Randy Epstein, WVfiber, is it only 4 byte ASN on west
coast.
A: West coast is exclusively 4 byte ASN; east coast
has 2 byte and 4 byte.
A handful have done 4 byte ASN peering, but not many;
Matt looks up a number, 8 peers, 2 east, 6 west, that
can do 4 byte ASN.
Joe Maimon, CHL, does ARIN think it is appropriate about
fee scale disparity, public perception, are other models
under discussion for analysis?
A: That might be better at open mic session.
Board has lowered fees 5 times over the past 5 years.
Very interested to find out what people think, esp.
about v6 resources.
Leo Bicknell, ISC -- ARIN is only 4 byte ASN peer for
them, and it didn't blow up or melt down.
There is a transition technology, use ASN 23456 for
peering; you can peer using that technology, many
people don't know about it; can be challenging with
route reflectors or confederation; please read the docs!
ARIN outreach activities report
Megan Cruise(?)
It's Megan and Richard Jimmerson for the team.
contact various stakeholders beyond traditional ARIN community
raise awareness of ARIN and key messages
topics:
ARIN, RIRs, PDP and participation, IPv4 depletion, IPv6
adoption, Legacy RSA, 4 byte ASN numbers.
audiences:
providers, ISPs, content providers, application service providers
equipment and software vendors
methods:
presentations
exhibits (direct and reverse)
media interviews
advertisements
event attendance and participation
microphone time
hallway outreach
Materials
fact and information sheets (and CDs)
multimedia pieces
giveaways (pens, stickers, etc)
slide decks
comic books
etc
Exhibit speaking events slide--lots of text, go read it
yourself. ^_^;
They're not home much with all the events!
Public Relations Firm
hired LEWIS public relations in July
PR strategy and planning
Social Media Strategy and Tactics
Securing:
media interviews
speaking engagements
ARIN goes social
joint effort between MSD and outreach
Youtube, facebook, twitter
get the name out there, promote presence, interact
with ARIN members, internet technical community
she's megan at arin and teamARIN on twitter
uses teamARIN on all 3 sites.
Working on outreach site
detail ARIN exhibit and speaking events
archive presentations, papers, etc
support community members presenting on ARIN-related topics
interact with ARIN
archive of past articles, interviews, etc.
questions?
We're ahead of schedule, so John gives update.
Sparse allocations.
By November 16th, they will be doing sparse allocations
for IPv6!
So, in the far future, second allocations will be aggregatable.
Legacy RSA update from John.
issues prior to December 1997
created to allow for formal agreement between legacy holder
and ARIN
NOT required
$100 annual fee for legacy RSA holders to support replication
of reverse record support
ARIN will continue to provide services without a signed legacy
RSA minus any policy changes passed by the community
Those who sign the legacy RSA aren't subject to policy changes
by the community. Those who *don't* sign legacy RSA don't
get that guarnantee
764 requests
334 signed as of august 2009
47 not required
35 added to existing RSA
339 pending; takes a *lot* of research to validate that the
allocation really is authentic
educational 86, government 31, otehr 204, total 321
ISPs, 13
nearly 4 /8's under legacy RSAs
764 requests out of estimated 17,000 legacy space holders.
Most of the 17000 are holding /24s.
About 24% space-wise is covered, but very small in terms
of numeric count.
This is not a success yet; but it's a start.
There's a lot of legacy space that's not really space
anymore; orgs that brought
David Farmer, U of Minn: is that included in the 4 /8s?
A: no, it's not included in that total. Covered by
legacy RSA is about 5% (4 /8s), nearly 18% of legacy
space has been brought under RSAs.
Q: John Springer -- why do numbers not line up on left
and right?
A: 343 signed is end users plus 13. 334 + 13?
No, the numbers really *don't* add up; they'll update
the chart and numbers to match.
BREAK time, come back at 11am.
[*serious* kudos to whomever filled the iPod--the
music this time has kicked serious ass. Love the
inclusion of Jonathan Coulton!]
John calls us back to schedule at 11am.
Refreshed slides from Legacy RSA
343 breakdown:
edu 87, gov 33, other 210, total 330, 13 ISPs
Dec 30, 2009, Legacy RSA expires; it is done on a year by
year basis. If you don't start the process now, you may
not have the option.
David Farmer would encourage board to consider extending it
for one more year; he would like pending state requests
to be completed at least.
Owen deLong, ISC, also encourages the board to extend the
deadline, as well as allowing inprogress requests to
complete.
Cathy Aaronson--would be useful to have percentage of
space the 764 represent; the completed in total ones
are the nearly 4 /8 equivalents; the 339 pending are
not listed spacewise.
The percentage, spacewise, of the 17,000, this set
of people represent is not known.
It would be good to encourage legacy people to sign
RSA, so they can get benefits of new services being
rolled out, like RPKI, DNSSEC, etc.
Remind your legacy holder friends about this!
Arin Advisory Council report now
Planning to start AC meeting 30 minutes after
we adjourn from ARIN
15 member AC 3 year terms
Thank you Lea and Leo,
Lea Roberts, 10 years
Leo Bicknell, 6 years, past chair
Thank you, and good luck!!
Advisory Council Election
Leo, Stacy, Lea, Rob, Heather are expiring this year
17 nominated individuals for 5 positions
AC Role in PDP
evaluate policy proposals
develop draft policy
present draft policy at public policy meetings
25 proposals reviewed in 2009
15 accepted, 10 discarded
15 accepted onto docket
11 draft
4 deferred
11 drafts
5 pending
4 approved
2 abandonded
1 emergency draft policy, approved
Meetings
2 ARIN meetings -- all
1 ARIN caribbean sector meeting
3 NANOG meetings
2 RIPE
2 APNIC
etc
Fellowship program
participate on selection committee
mentor selected fellows during meetings
outreach program
participate in ARIN booth
PLEASE remember to vote! Lots of seats open,
lots of people running!
ARIN Financial Report
Scott Bradner, Treasurer
Overview
Reviewed fee structure and suggestions
monitor ARIN financial results
IRS requirements
Fee structure
keep current structure in place
keep parallel between v4 and v6
maint fees continue
reviewed suggestions
hardship -- rejected
non-profit -- rejected
Projected year-end financials
GAAP calls for expense on web updates to be capitalized,
goof in accounting on that being fixed.
Some estimates for colo site and disaster recover were
much larger than actual costs.
Changes to investment funds
capital improvement is now operating reserve
mainly short duration CDs, true draw account
deferred revenue to legal reserve
longer term CDs
operating reserve to long term reserve
equity and bond funds
501.c IRS reporting change; new requirements
FIN Comm and board will review changes.
Last year was bad, dipped into reserves.
2008 drew a million on reserves; this year,
only a half million draw on reserves.
Projections on revenue streams.
v4 renewals will be lion's share of revenue over
next four years as guess.
v6 and maint will grow, v4 initials will go to
zero, v4 renews will continue.
ARIN, Board of Trustees report
Paul Vixie, John Curran stepping in
BoT
Policy Actions
ratification of Draft Policy 2008-7: identify invalid POCs
ratified 2009-1 transfer policy
Management:
hired new president and CEO -- John
establish ARIN research process
look at routing table resources, effects of rationing
IPv4 addresses, etc. ARIN may ask partners for research
efforts
set resource PKI (RPKI) service direction
everybody working on pilots now, goal of pilots on a
single TA later
strengthen IPv6 outreach program
John doing 20-30 presentations a month now; still running
into people who don't understand the need for IPv6, or
thought it had been cancelled.
work with related organizations
RIRs/NRO
ICANN
ISOC another good partner for outreach!
Review and approve finance committee recommendations
Looking forward
considering membership and anti-takeover committee
how should membership be structured long term?
you can buy membership; what keeps someone from
stacking the room?
significant time/resource committments for international
education on the RIR system
Government and groups like ITU looking at the v4 runout
very closely, and considering taking a hand. Many people
don't understand how RIR system works.
Bill Woodcock notes that those of us in companies here
with government affairs officers, they might want to
get in touch with Bill, Cathy, or John, to help them
understand how to further the cause for self-governance
in the internet resource realm
Establishing long-term vision for services via ARIN
strategic planning process
Current one starting to get results; looking at how it
will evolve over time.
Not everyone wants ARIN to run all services for them;
run their own RPKI, their own rWhois service, etc.
Questions
Lee Howard--delighted and surprised, this is the first
board report he's done where he has slides. :D
John Springer; 22nd September, research opportunity had
been granted to...someone...
[looking to get clarification on a long paragraph he reads
very quickly]
One research reward was done under council, and will not
be disclosed under full detail about how people could break
in or game the system.
Ben Edelman is studying implications of transfer policy
and economic impact on the organization.
Once board has reviewed it, it may be released; it isn't
done yet, though, so they don't really know.
Keep an eye on mailing lists for other announcements.
Remote question--what does "takeover" mean?
We expect to have board members who know about our issues,
and represent us fairly; could an entity buy up seats,
vote for members in their camp, and take over ARIN
over time. Need to make it non-trivial to take over
the organization simply through buckets of money.
End of trustee report.
Open Mic.
Owen DeLong, ISC -- as it stands, there is dichotomy where
AC represents community at large, but is elected by ARIN
membership.
Should AC be elected by the community?
ARIN would count votes from "the community" to decide who
was appropriately on the AC.
But what would constitute a "member" at that point?
How about the metric used for the NRO?
Why does it take $500/year to influence content of
AC?
You elect based on knowledge and wisdom to shepherd the
policy process, not to create policies themselves; a
good set of 15 should be fine.
But fine for who? The need to be a 'member' to vote on
the AC may skew the AC membership away from the rest
of the community.
Lee Howard -- should people think about whether we have
a well constituted AC or are there groups not represented?
How do you qualify a voter? You can't support efforts
without knowing who will be voting on it.
Joe Maimon, CHL, various petition processes; do they
work or not? POlicy petition, not understood, the
A: Board and staff have discussed it a bit, and they
will make the election petition process much clearer
to understand.
Probably need to communicate that much better to the
community. Orgs can pretty much petition at just
about any point in the decision process.
Leo Bicknell, ISC -- sympathetic to owen's concept; one area
AC has difficulty with is when policies are only relevant
to a subset of the community; it may only matter to 10% of
the room, and the other 90% of people don't care; show of
hands of 10 for, none against, 150 don't care.
Those groups are under represented in the process, which
makes it harder for them to effect change in the process.
Perhaps NANOG attendees should be able to vote for AC
candidates, they have a well-defined membership as well,
and are definitely part of the community.
A: remote participation is wide open, the slides are there,
the agenda is followed, they're counted in polls as
remote participation.
IF 100 remote network attendees chose to join remotely,
they would not need to pay, and could vote on policies.
In some communities, that could be a challenge.
There's also perception problem with PDP change, that
AC members opinions have a new importance.
Bill Woodcock, seems organizationally difficult to
extend voting rights to arbitrary third groups.
On the other hand, NANOG and ARIN memberships are
similar costs, we already integrate closely; could
the two be reciprocal, so that membership in one
group confers membership rights to the other, etc.
That could be a way to do it a bit less arbitrarily.
Remote comment, Joe Maimon, CHL, to Owen; he was pleasantly
suprised at how few remote participants there are, but was
happy at how ARIN
Andrew Dul, voting for board vs AC; there's a group of
orgs that have no vote today, and that's the end users;
how could we make more effort to include them in the
process, so they can participate much like the ISPs?
Not sure what suggestion could be used to help bring
them in; a little bit of creative thinking might help
get us wider participation. Policy process is open
to end users, would like to see board or AC voting
also open to them.
Jason Schiller, Verizon--reciprocation between ARIN
community and NANOG community; we need to reciprocate
information between them; number policy and routing
policy shouldn't happen in a vacuum on each side;
to have good number policy and good routing policy,
you have to be aware of both sides.
John notes wednesdays meetings were about as joint
as you can get without merging...what more do you
want?
A: well, share voting memberships; and make it easier
for people to attend both meetings; maybe a single
registration, or discount for both, or a day between
conferences to discuss the issues, and have time to
weigh in on issues; could that get more people involved.
Cathy Aaronson; to Jason, she's now on NANOG program
committee; so let her know suggestions about tying
the two orgs together.
Also, anyone can be on board or AC, even if you're
not a member; all you need is a member to nominate
you.
Why isn't NRO election process appropriate? Why
can't NRO election process be used for AC?
A: that's historical, from the time of the MOU with
ICANN; it's just that they came from two different
origins, that's all.
Wouldn't it work well for AC?
Lee Howard:
Risk of capture to NRO is very low, at most, 3 of 15
members can be "bought". Hard to imagine why anyone
would want to "buy" the NRO.
Bill Woodcock notes that this isn't paranoia; as
non-profit bank account gets bigger, and as they
gain control over more serious assets, they become
targets.
Two domainers took over two national registrars,
who just wanted to take the money and run.
John Springer, 2 pursuits, hostile takeover protection
and expanded membership access are orthogonal
OwenDelong, HE.net, respond to Andrew; it is wrong to
open up voting for board to community; board has fiduciary
responsibility to the paying membership. It's not clear
the situation is broken, or needs fixing.
If you are a POC with resources attached to your handle,
you get one vote; otherwise, you do not.
That would open it from members to members+end users+ASN
holders+legacy holders. Interesting proposal.
Andrew Dul, responding to Owen; was not suggesting open
to non-members, was suggesting making end-users more like
members.
Remote participant, Joe Maimon, CHL, he believes ARIN is
an incredibly open and welcoming organization; a takeover
would only cost about $5 million...ack, that's fast talking.
Steve Feldman, NANOG SC--if there are ways that NANOG
and ARIN can work together, NANOG would be open to helping
with that.
NANOG surveys say the joint efforts were very valuable.
We will strive to do more.
We only do what we do because we've always done it; we have
inertia.
Leo Bicknell, ISC, one thing he noticed even with joint
sessions; a lot of routing folks leave, and addressing
folks show up. At RIPE, they interleave the schedules
during the week, so people can't leave.
Aaron Hughes, loves it, except that company justification
may be harder; educate people more, but smaller group of
people may be able to attend.
Lee Howard, ARIN board. New topic. Thank the remote participants
this week; the comments are valuable and useful; during show of
hands outcome tilted based on remote participation.
Closing the microphones in a moment.
Scott Liebrand--we have a lot of really good candidates, limited
number of slots; Not all five of his votes will get elected, he
has no say in other two. Could we consider doing rank-choice
voting, to indicate your preference for candidates to better
steer the candidate selection?
A: As part of the NomComm, he will suggest that.
Closing microphones now.
Rob Seastrom, Affilias -- while he understands the motivation
behind Leo's recommendation that we interleave the two meetings,
it could be a logistical nightmare; he's not entirely in favour
of it.
Steve Woodrow, MIT, fellowship program. Thanks to everyone for
an enlightening four days. Thanks for selecting him, and keep
it up!
David Farmer, UofMinn--wednesday's v6 panel; having your
address showing up on ARIN web page when you go there was
raised as concerned; 2009-2 from suggestion process.
A: It's a difficult thing to do via content management system;
it will happen...slowly. Not forgotten, but more challenging
than expected with content mangement system.
Other RIRs have figured out it out...we will catch up.
That concludes open mic portion.
This is end of meeting.
Fill out your general survey!
There will be a consolation prize as well!
Calling all DMRs; elections are open, vote NOW!
or visit Jud at election desk.
All DMRs will get called.
Thanks to Arbor and Merit.
Holders are recycled! Drop them at desk out there!
Meeting adjourns at 1206 hours Eastern time.
See you in 2010!
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.arin.net/pipermail/arin-ppml/attachments/20091023/ec06e7e1/attachment.htm>
More information about the ARIN-PPML
mailing list